Hackers Build New Tor Client Designed to Beat the NSA

Uploaded on 2015-06-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Astoria-tor-client-software.jpg


Anonymity’s toughest adversaries are hackers with the full-force and backing of Beijing, London, and Washington, DC. 
With the threat of powerful intelligence agencies, like the NSA, looming large, researchers have built a new Tor client called Astoria designed specifically to make eavesdropping harder for the world's richest, most aggressive, and most capable spies.

Tor, the world’s most popular anonymity network, works like this: A user fires up the client and connects to the network through what's called an entry node. To reach a website anonymously, the user’s Internet traffic is then passed encrypted through a so-called middle relay and then an exit relay (and back again). That user-relay connection is called a circuit. The website on the receiving end doesn’t know who is visiting, only that a faceless Tor user has connected.
An eavesdropper shouldn’t be able to know who the Tor user is either, thanks to the encrypted traffic being routed through 6,000 nodes in the network.
But something called "timing attacks" change the situation. When an adversary takes control of both the entry and exit relays, research shows they can potentially deanonymize Tor users within minutes.
A full 58 percent of Tor circuits are vulnerable to network-level attackers, such as the NSA or Britain’s Government Communications Headquarters (GCHQ), when they access popular websites, according to new research from American and Israeli academics. Chinese users are the most vulnerable of all to these kinds of attacks, with researchers finding 85.7 percent of all Tor circuits from the country to be vulnerable.
Even though Tor is designed to provide complete anonymity to its users, the NSA’s position means they can potentially see and measure both traffic entering the Tor network and the traffic that comes out. When an intelligence agency can see both, simple statistics help an autonomous system at their control match the data up in a timed attack and discover the identity of the sender.
This kind of threat has been known for over a decade. They’ve been trying to make eavesdropping difficult for spy agencies for just as long.
To counter the threat, American-Israeli researchers built Astoria, a new Tor client focused on defeating autonomous systems that can break Tor’s anonymity.
Astoria reduces the number of vulnerable circuits from 58 percent to 5.8 percent, the researchers say. The new solution is the first designed to beat even the most recently proposed asymmetric correlation attacks on Tor.
Designed to beat such attacks, Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool, at its foundation, is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.
Astoria adroitly considers how circuits should, according to the researchers, be made “when there are no safe possibilities,” how to safely balance the growing bandwidth load across the Tor network, and how to keep Tor’s performance “reasonable” and relatively fast even when Astoria is in its most secure configuration.
Defeating timing attacks against Tor completely isn’t possible because of how Tor is built, but making the attacks more costly and less likely to succeed is a pastime that Tor developers have dedicated a decade to. Astoria follows in those footsteps.
By choosing relays based on lowering the threat of eavesdropping by autonomous systems and then choosing randomly if no safe passage is possible, Astoria aims to minimize the information gained by an adversary watching an entire circuit.
DailyDot:  http://bit.ly/1ISWezb

« Review of Organised Cyber Crime
North Korean Hackers 'could kill', Warns Defector »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TrustedIA

TrustedIA

TrustedIA is a cyber and protective security company. Our mission is to help businesses protect themselves from disruptive events that can impact their successful operation.

Bromium

Bromium

Bromium deliver a new technology called micro-virtualization to address the enterprise security problem and provide protection for end users against advanced malware.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

Cyan Securiy Group

Cyan Securiy Group

Cyan provide best-in-class cyber security solutions for mobile Internet and mobile devices that are extremely effective and highly intuitive in their use.

FraudScope

FraudScope

FraudScope is an AI-assisted platform that accelerates the identification of fraud, waste, and abuse.

NexGenT

NexGenT

NexGenT have combined military-style training with decades of network engineering and cyber security experience into an immersive program to get people into cyber security fast and effectively.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

NWN Carousel

NWN Carousel

NWN Carousel delivers AI-powered technology solutions for the modern workplace. From unified communications and intelligent infrastructure to robust cybersecurity.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

LANCOM Systems

LANCOM Systems

LANCOM Systems is the leading European manufacturer of secure, reliable and future-proof networking (WAN, LAN, WLAN) and firewall solutions for the public and private sectors.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.

Virtual Infosec Africa (VIA)

Virtual Infosec Africa (VIA)

Virtual InfoSec Africa (VIA) is a wholly-owned Ghanaian company specializing in information security and cybersecurity solutions and services.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.

Vulnify

Vulnify

At Vulnify, we’re revolutionizing the way businesses identify and manage security vulnerabilities.